Return-Path: Delivered-To: apmail-harmony-dev-archive@www.apache.org Received: (qmail 81274 invoked from network); 10 Jan 2007 12:14:09 -0000 Received: from hermes.apache.org (HELO mail.apache.org) (140.211.11.2) by minotaur.apache.org with SMTP; 10 Jan 2007 12:14:09 -0000 Received: (qmail 15509 invoked by uid 500); 10 Jan 2007 12:14:13 -0000 Delivered-To: apmail-harmony-dev-archive@harmony.apache.org Received: (qmail 15475 invoked by uid 500); 10 Jan 2007 12:14:13 -0000 Mailing-List: contact dev-help@harmony.apache.org; run by ezmlm Precedence: bulk List-Help: List-Unsubscribe: List-Post: List-Id: Reply-To: dev@harmony.apache.org Delivered-To: mailing list dev@harmony.apache.org Received: (qmail 15466 invoked by uid 99); 10 Jan 2007 12:14:13 -0000 Received: from herse.apache.org (HELO herse.apache.org) (140.211.11.133) by apache.org (qpsmtpd/0.29) with ESMTP; Wed, 10 Jan 2007 04:14:13 -0800 X-ASF-Spam-Status: No, hits=-0.0 required=10.0 tests=SPF_PASS X-Spam-Check-By: apache.org Received-SPF: pass (herse.apache.org: domain of alexey.v.varlamov@gmail.com designates 64.233.162.230 as permitted sender) Received: from [64.233.162.230] (HELO nz-out-0506.google.com) (64.233.162.230) by apache.org (qpsmtpd/0.29) with ESMTP; Wed, 10 Jan 2007 04:14:04 -0800 Received: by nz-out-0506.google.com with SMTP id j2so57040nzf for ; Wed, 10 Jan 2007 04:13:44 -0800 (PST) DomainKey-Signature: a=rsa-sha1; c=nofws; d=gmail.com; s=beta; h=received:message-id:date:from:to:subject:in-reply-to:mime-version:content-type:content-transfer-encoding:content-disposition:references; b=q9A2WmhXdrKj0+zDWhbAP2XtPOrWHjTym8qQUzk+8Ln+6wEo8AYxj7jL8uI1wYKUnmflZnJRrU53aE6aQz9yiX1HWq5yEUbr7CJANoE54zLN++shqEQdCMMYLsMTbQ1DwftU/kBCl/ZjKKPB6bYc3AX5PW8HORMxvx/ImO7YaYY= Received: by 10.65.236.14 with SMTP id n14mr338079qbr.1168431224050; Wed, 10 Jan 2007 04:13:44 -0800 (PST) Received: by 10.65.121.17 with HTTP; Wed, 10 Jan 2007 04:13:44 -0800 (PST) Message-ID: Date: Wed, 10 Jan 2007 18:13:44 +0600 From: "Alexey Varlamov" To: dev@harmony.apache.org Subject: Re: [classlib][security-kernel] Setting non-system SecurityManager for the first time In-Reply-To: <51abf0750701100352p549aea21l5b2f7a8d2865042b@mail.gmail.com> MIME-Version: 1.0 Content-Type: text/plain; charset=ISO-8859-1; format=flowed Content-Transfer-Encoding: 7bit Content-Disposition: inline References: <51abf0750701100133q5897365dkc27f707b3290753@mail.gmail.com> <51abf0750701100352p549aea21l5b2f7a8d2865042b@mail.gmail.com> X-Virus-Checked: Checked by ClamAV on apache.org 2007/1/10, Mikhail Markov : > On 1/10/07, Alexey Varlamov wrote: > > > I agree, this testcase demonstrates bugs in RI and J9 (btw, why did > > you call an uncaugth exception the "crash" ?). > > > Because i get Debug/Close window: "VM launcher has encountered a problem and > needs to close. We are sorry for the inconvenience." :-)* > * > > > > And I see nothing really strange in the behavoir of DRLVM, checking of > > SecurityPermission getProperty.package.access is not mandated by the > > API specification thus its result can (and should) be discarded. > > > But RI does not consult newly set SecurityManager for any additional > permissions. Hmm, let's look at RI's backtrace again: -------- Exception in thread "main" java.lang.ExceptionInInitializerError at java.lang.System.setSecurityManager0(System.java:275) at java.lang.System.setSecurityManager(System.java:244) at Test.main(Test.java:6) Caused by: java.lang.SecurityException: (java.security.SecurityPermission getProperty.networkaddress.cache.ttl) is not granted. at MySecurityManager.checkPermission(Test.java:14) ... --------- In fact RI would check some more permissions if this "SecurityPermission getProperty.networkaddress.cache.ttl" succeeded. > I agree that this is not a problem - perhaps just a place for further > performance optimisations. Well, the additional checks are there to help avoiding unexpected classloading problems (like cyclic dependency). This trick is exploited by the all tested VMs, trading performance for regularity - and clearly this API is never performance critical. -- Alexey > > Regards, > Mikhail > > -- > > Alexey > > > > 2007/1/10, Mikhail Markov : > > > Hi! > > > > > > While investigating https://issues.apache.org/jira/browse/HARMONY-2955JIRA > > > i've found an interesting thing: > > > The testcase below produces different result for 3 VMs (below as well) > > and > > > all 3 are rather weird: > > > RI: > > > - need access to some security properties when calling > > > System.setSecurityManager for the first time - seems violation of the > > spec > > > to me. > > > - but if uncomment the line #5 (and thus some static initializers will > > be > > > done) then the output is just "Security manager was successfully set." > > > > > > DRLVM: > > > - checking java.security.SecurityPermission getProperty.package.accessand > > > althought it's not granted - successfully sets security manager > > (probably by > > > catching exception inside VM kernel classes) > > > > > > IBM VME: > > > - checking the same java.security.SecurityPermission > > > getProperty.package.access and crashes as it's not granted > > > > > > From these 3 results DRLVM seems to me the closest to what is expected. > > > > > > I'm not sure what kinds of JIRAs should be open in this case: > > > I could suggest opening at least 2 JIRAs: > > > 1) "non-bug diff" as this code should silently work > > > 2) against IBM VME - as it crashes while checking additional properties > > > Not sure what to do with DRLVM as it's behaviour generally correct. > > > > > > Thoughts? > > > > > > Regards, > > > Mikhail > > > > > > -------- output -------------- > > > RI: > > > Checking (java.security.SecurityPermission > > > getProperty.networkaddress.cache.ttl)... > > > Exception in thread "main" java.lang.ExceptionInInitializerError > > > at java.lang.System.setSecurityManager0(System.java:275) > > > at java.lang.System.setSecurityManager(System.java:244) > > > at Test.main(Test.java:6) > > > Caused by: java.lang.SecurityException: ( > > java.security.SecurityPermission > > > getProperty.networkaddress.cache.ttl) is not granted. > > > at MySecurityManager.checkPermission(Test.java:14) > > > at java.security.Security.getProperty(Security.java:724) > > > at sun.net.InetAddressCachePolicy$1.run( > > InetAddressCachePolicy.java > > > :81) > > > at java.security.AccessController.doPrivileged(Native Method) > > > at sun.net.InetAddressCachePolicy.( > > > InetAddressCachePolicy.java:77) > > > ... 3 more > > > > > > DRLVM: > > > Checking (java.security.SecurityPermission getProperty.package.access > > )... > > > Security manager was successfully set. > > > Checking (java.lang.RuntimePermission getProtectionDomain)... > > > > > > IBM VME (crashes): > > > Checking (java.security.SecurityPermission getProperty.package.access > > )... > > > Exception in thread "main" java.lang.SecurityException: ( > > > java.security.SecurityPermission getProperty.package.access) is not > > granted. > > > at MySecurityManager.checkPermission(Test.java:14) > > > at java.lang.SecurityManager.checkSecurityAccess( > > > SecurityManager.java:422) > > > at java.security.Security.getProperty(Security.java:360) > > > at org.apache.harmony.luni.util.PriviAction.run(PriviAction.java > > > :131) > > > at java.security.AccessController.doPrivileged( > > AccessController.java > > > :179) > > > at java.lang.SecurityManager.checkPackageProperty( > > > SecurityManager.java:333) > > > at java.lang.SecurityManager.checkPackageAccess( > > SecurityManager.java > > > :34) > > > at com.ibm.oti.vm.URLSystemClassLoader.loadClass( > > > URLSystemClassLoader.java:54) > > > at java.lang.ClassLoader.loadClass(ClassLoader.java:620) > > > at com.ibm.oti.vm.URLSystemClassLoader.loadClass( > > > URLSystemClassLoader.java:60) > > > at java.lang.ClassLoader.loadClass(ClassLoader.java:594) > > > at MySecurityManager.checkPermission(Test.java:13) > > > at java.lang.SecurityManager.checkSecurityAccess( > > > SecurityManager.java:422) > > > at java.security.Security.getProperty(Security.java:360) > > > at org.apache.harmony.luni.util.PriviAction.run(PriviAction.java > > > :131) > > > at java.security.AccessController.doPrivileged( > > AccessController.java > > > :179) > > > at java.lang.SecurityManager.checkPackageProperty( > > > SecurityManager.java:333) > > > at java.lang.SecurityManager.checkPackageAccess( > > SecurityManager.java > > > :34) > > > at com.ibm.oti.vm.URLSystemClassLoader.loadClass( > > > URLSystemClassLoader.java:54) > > > at java.lang.ClassLoader.loadClass(ClassLoader.java:594) > > > at Test.main(Test.java:7) > > > Checking (java.lang.RuntimePermission modifyThreadGroup)... > > > > > > -------- Test.java ----------- > > > > > > import java.security.Permission; > > > > > > > > > > > > public class Test { > > > > > > public static void main(String[] args) throws Exception { > > > > > > //System.setSecurityManager(null); > > > > > > System.setSecurityManager(new MySecurityManager()); > > > > > > System.out.println("Security manager was successfully set."); > > > > > > } > > > > > > } > > > > > > > > > > > > class MySecurityManager extends SecurityManager { > > > > > > public void checkPermission(Permission perm) { > > > > > > System.out.println("Checking " + perm + "..."); > > > > > > throw new SecurityException(perm.toString() + " is not > > granted."); > > > > > > } > > > > > > } > > > > > > > > > >